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CLAIMS 

1. A system for remotely controlling one or more devices over a 
communications network, wherein the network includes first and second network 
5 sides and means for controlling access between the first and second sides, the 
system comprising: 

a first controller connected to the network on the first network side for 
receiving device control messages from a control station; and 

a second controller connected to the network on the second network side, 
10 for receiving the device control messages from the first controller and controlling the 
one or more devices in response thereto; 

wherein the first controller is configured to send the device control messages 
to the second controller after initiation of a connection to the first controller by the 
second controller. 

15 

2. A system according to claim 1, wherein the second c ^pB oiler initiates the 
connection by sending a connection request to the first controlic.-; 

3. A system according to claim 1 or 2, wherein the access control means is 
20 configured to prevent connection requests from the first controller from reaching the 

second controller. 

4. A system according to claim 1, 2 or 3, wherein the system is configured to 
maintain a connection between the first and second controllers following receipt of 

25 the connection request from the second controller at the first controller, to permit the 
first controller to send the device control messages to the second controller when 
said messages are received at the first controller. 

5. A system according to claim 4, wherein the device control messages are 
30 sent in an encrypted form. 

6. A system according to any one of the preceding claims, wherein the first and 
second controllers are located at a site remote from the control station. 
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7. A system according to claim 6, wherein the communications path between 
the control station and the remote site comprises a wide area networlc. 

5 8. A system according to claim 7, comprising further access control means 
between the wide area network and the first controller. 

9. A system according to any one of the preceding claims, wherein the or each 
access control means comprise a firewall. 

10 

10. A system according to claim 8, wherein the access control means and the 
further access control means comprise inner and outer firewalls and the first 
controller is connected in a demilitarised zone between the inner and outer firewalls. 

15 11. A system according to any one of the preceding claims, wherein the first and 
second controllers communicate over '--i^mport Control Protocol (TCP) port.1073. 

1 2. A system according to any one of the preceding claims, wherein the control 
station is configured to receive information relating to an event occun-ing at the one 

20 or more devices via the first and second controllers. 

13, A system according to claim 12, wherein the control station generates a 
device control message in response to the received information. 

25 14. A system according to claim 12 or 13, wherein the control station Initiates a 
connection to the first controller to enable it to receive said information from the first 
controller. 

15. A system according to claim 12 or 13, wherein the first controller initiates a 
30 connection to the control station to enable the control station to receive said 
information from the first controller. 
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16. A system according to claim 15, wherein the first controller is triggered to 
initiate the connection to the control station after initiation of the connection to the 
first controller by the second controller. 

5 17. A system according to any one of the preceding claims, wherein the second 
controller includes one or more device drivers for controlling said one or more 
devices. 

18. A method of remotely controlling one or more devices over a 
10 communications network, wherein the network includes first and second network 

sides and means for controlling access between the first and second sides, the 
method comprising: 

initiating a connection to a first controller connected to the network on the 
first network side from a second controller connected to the network on the second 
15 network side; 

sc^> ^^. device control messages from a control station to the first controller 
and then f.orn the first controller to the second controller. 

19. A system for remotely monitoring one or more devices over a 
20 communications network, wherein the network includes first and second network 

sides and means for controlling access between the first and second sides, the 
system comprising: 

a monitor station connected to the network on the first network side for 
receiving information concerning said one or more devices; 
25 a first controller connected to the network on the second network side for 

receiving said information and sending said information to the monitor station; and 

a second controller for monitoring the one or more devices and sending said 
information to the first controller; 

wherein the first controller is configured to send said information to the 
30 monitor station after initiation of a connection to the first controller by the monitor 
station. 
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20. A system according to claim 19, wlierein the system is configured to 
maintain a connection between the monitor station and the first controller following 
receipt of the connection request from the monitor station at the first controller, to 
permit the first controller to send information received at the first controller to the 

5 monitor station without requesting a new connection to the monitor station. 

21 . A system according to claim 19 or 20, wherein the monitor station generates 
device control messages in response to the received information. 

10 22. A system according to claim 21, wherein the device control messages are 
sent to the devices via the first and second controllers. 

23. A system according to any one of claims 19 to 22, wherein the second 
controller is connected to the networic on the second networic side. 

15 

24- A system according to any one of claims 19 to 23, vyherein the first 
controller is located at a site local to the monitor station and the second controller is 
located at a site remote from the monitor station. 

20 25. A system according to claim 24, wherein the communications path between 
the monitor station and the remote site comprises a wide area network. 

26. A system according to claim 25, wherein the first controller is located in a 
demilitarised zone between a first firewall which separates the first controller from 

25 the monitor station and a second firewall which separates the first controller from the 
wide area network. 

27. A system according to claim 26, further comprising a third firewall separating 
the second controller from the wide area network. 

30 

28. A system according to claim 27, wherein the third firewall is configured not 
to permit inbound connection requests to the second controller. 
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29. A system according to any one of claims 19 to 28, wherein the monitor 
station and the first controller communicate over Transport Control Protocol (TCP) 
port 1073. 

5 30. A method of remotely monitoring one or more devices over a 
communications network, wherein the network includes first and second network 
sides and means for controlling access between the first and second sides, the 
method comprising: 

initiating a connection to a first controller connected to the network on the 
10 second network side from a monitor station connected to the network on the first 
network side; 

sending event information relating to the one or more devices from the 
second controller to the first controller and then from the first controller to the 
monitor station. 

15 

31. A method according to claim 30, further comprising g^y^i-Srating device 
control messages for controlling the devices in response to tnc. received event 
information. 



